/* * multi-session authcode generation for MD2 * H(password + session_id + msg + session_seq + password) * * Use OpenSSL implementation of MD2 algorithm if found. * This function is analogous to ipmi_auth_md5 */ uint8_t * ipmi_auth_md2(struct ipmi_session * s, uint8_t * data, int data_len) { #ifdef HAVE_CRYPTO_MD2 MD2_CTX ctx; static uint8_t md[16]; uint32_t temp; #if WORDS_BIGENDIAN temp = BSWAP_32(s->in_seq); #else temp = s->in_seq; #endif memset(md, 0, 16); memset(&ctx, 0, sizeof(MD2_CTX)); MD2_Init(&ctx); MD2_Update(&ctx, (const uint8_t *)s->authcode, 16); MD2_Update(&ctx, (const uint8_t *)&s->session_id, 4); MD2_Update(&ctx, (const uint8_t *)data, data_len); MD2_Update(&ctx, (const uint8_t *)&temp, sizeof(uint32_t)); MD2_Update(&ctx, (const uint8_t *)s->authcode, 16); MD2_Final(md, &ctx); //if (verbose > 3) // printf(" MD2 AuthCode : %s\n", buf2str(md, 16)); return md; #else /*HAVE_CRYPTO_MD2*/ static uint8_t md[16]; memset(md, 0, 16); printf("WARNING: No internal support for MD2! " "Please re-compile with OpenSSL.\n"); return md; #endif /*HAVE_CRYPTO_MD2*/ }
unsigned char *MD2(const unsigned char *d, size_t n, unsigned char *md) { MD2_CTX c; static unsigned char m[MD2_DIGEST_LENGTH]; if (md == NULL) md=m; if (!MD2_Init(&c)) return NULL; #ifndef CHARSET_EBCDIC MD2_Update(&c,d,n); #else { char temp[1024]; unsigned long chunk; while (n > 0) { chunk = (n > sizeof(temp)) ? sizeof(temp) : n; ebcdic2ascii(temp, d, chunk); MD2_Update(&c,temp,chunk); n -= chunk; d += chunk; } } #endif MD2_Final(md,&c); OPENSSL_cleanse(&c,sizeof(c)); /* Security consideration */ return(md); }
void do_fp(FILE *f) { MD2_CTX c; unsigned char md[MD2_DIGEST_LENGTH]; int fd,i; static unsigned char buf[BUFSIZE]; fd=fileno(f); MD2_Init(&c); for (;;) { i=read(fd,buf,BUFSIZE); if (i <= 0) break; MD2_Update(&c,buf,(unsigned long)i); } MD2_Final(&(md[0]),&c); pt(md); }
static void MD2_File(FILE *file, unsigned char **output, int *outlength) { *output = new unsigned char[MD2_DIGEST_LENGTH]; *outlength = MD2_DIGEST_LENGTH; MD2_CTX c; int i; unsigned char buf[MD2_FILE_BUFFER_SIZE]; MD2_Init(&c); for (;;) { i = fread(buf,1,MD2_FILE_BUFFER_SIZE,file); if(i <= 0) break; MD2_Update(&c,buf,(unsigned long)i); } MD2_Final(*output, &c); }
ULONG AnscCryptoMd2Digest ( PVOID buffer, ULONG size, PANSC_CRYPTO_HASH hash ) { #ifdef _ANSC_MD2_USED_ MD2_CTX context; MD2_Init (&context); MD2_Update(&context, (PUCHAR)buffer, size); MD2_Final (hash->Value, &context); hash->Length = ANSC_MD2_OUTPUT_SIZE; return hash->Length; #else AnscTrace("WARNING: MD2 digest is disabled!!!\n"); return hash->Length; #endif }
/** * Construct a new x509 object. * @return 0 if ok. < 0 if there was a problem. */ int x509_new(const uint8_t *cert, int *len, X509_CTX **ctx) { int begin_tbs, end_tbs; int ret = X509_NOT_OK, offset = 0, cert_size = 0; X509_CTX *x509_ctx; BI_CTX *bi_ctx; *ctx = (X509_CTX *)calloc(1, sizeof(X509_CTX)); x509_ctx = *ctx; /* get the certificate size */ asn1_skip_obj(cert, &cert_size, ASN1_SEQUENCE); if (asn1_next_obj(cert, &offset, ASN1_SEQUENCE) < 0) goto end_cert; begin_tbs = offset; /* start of the tbs */ end_tbs = begin_tbs; /* work out the end of the tbs */ asn1_skip_obj(cert, &end_tbs, ASN1_SEQUENCE); if (asn1_next_obj(cert, &offset, ASN1_SEQUENCE) < 0) goto end_cert; if (cert[offset] == ASN1_EXPLICIT_TAG) /* optional version */ { if (asn1_version(cert, &offset, x509_ctx)) goto end_cert; } if (asn1_skip_obj(cert, &offset, ASN1_INTEGER) || /* serial number */ asn1_next_obj(cert, &offset, ASN1_SEQUENCE) < 0) goto end_cert; /* make sure the signature is ok */ if (asn1_signature_type(cert, &offset, x509_ctx)) { ret = X509_VFY_ERROR_UNSUPPORTED_DIGEST; goto end_cert; } if (asn1_name(cert, &offset, x509_ctx->ca_cert_dn) || asn1_validity(cert, &offset, x509_ctx) || asn1_name(cert, &offset, x509_ctx->cert_dn) || asn1_public_key(cert, &offset, x509_ctx)) { goto end_cert; } bi_ctx = x509_ctx->rsa_ctx->bi_ctx; x509_ctx->fingerprint = malloc(SHA1_SIZE); SHA1_CTX sha_fp_ctx; SHA1_Init(&sha_fp_ctx); SHA1_Update(&sha_fp_ctx, &cert[0], cert_size); SHA1_Final(x509_ctx->fingerprint, &sha_fp_ctx); #ifdef CONFIG_SSL_CERT_VERIFICATION /* only care if doing verification */ /* use the appropriate signature algorithm (SHA1/MD5/MD2) */ if (x509_ctx->sig_type == SIG_TYPE_MD5) { MD5_CTX md5_ctx; uint8_t md5_dgst[MD5_SIZE]; MD5_Init(&md5_ctx); MD5_Update(&md5_ctx, &cert[begin_tbs], end_tbs-begin_tbs); MD5_Final(md5_dgst, &md5_ctx); x509_ctx->digest = bi_import(bi_ctx, md5_dgst, MD5_SIZE); } else if (x509_ctx->sig_type == SIG_TYPE_SHA1) { SHA1_CTX sha_ctx; uint8_t sha_dgst[SHA1_SIZE]; SHA1_Init(&sha_ctx); SHA1_Update(&sha_ctx, &cert[begin_tbs], end_tbs-begin_tbs); SHA1_Final(sha_dgst, &sha_ctx); x509_ctx->digest = bi_import(bi_ctx, sha_dgst, SHA1_SIZE); } else if (x509_ctx->sig_type == SIG_TYPE_MD2) { MD2_CTX md2_ctx; uint8_t md2_dgst[MD2_SIZE]; MD2_Init(&md2_ctx); MD2_Update(&md2_ctx, &cert[begin_tbs], end_tbs-begin_tbs); MD2_Final(md2_dgst, &md2_ctx); x509_ctx->digest = bi_import(bi_ctx, md2_dgst, MD2_SIZE); } if (cert[offset] == ASN1_V3_DATA) { int suboffset; ++offset; get_asn1_length(cert, &offset); if ((suboffset = asn1_find_subjectaltname(cert, offset)) > 0) { if (asn1_next_obj(cert, &suboffset, ASN1_OCTET_STRING) > 0) { int altlen; if ((altlen = asn1_next_obj(cert, &suboffset, ASN1_SEQUENCE)) > 0) { int endalt = suboffset + altlen; int totalnames = 0; while (suboffset < endalt) { int type = cert[suboffset++]; int dnslen = get_asn1_length(cert, &suboffset); if (type == ASN1_CONTEXT_DNSNAME) { x509_ctx->subject_alt_dnsnames = (char**) realloc(x509_ctx->subject_alt_dnsnames, (totalnames + 2) * sizeof(char*)); x509_ctx->subject_alt_dnsnames[totalnames] = (char*)malloc(dnslen + 1); x509_ctx->subject_alt_dnsnames[totalnames+1] = NULL; memcpy(x509_ctx->subject_alt_dnsnames[totalnames], cert + suboffset, dnslen); x509_ctx->subject_alt_dnsnames[ totalnames][dnslen] = 0; ++totalnames; } suboffset += dnslen; } } } } } offset = end_tbs; /* skip the rest of v3 data */ if (asn1_skip_obj(cert, &offset, ASN1_SEQUENCE) || asn1_signature(cert, &offset, x509_ctx)) goto end_cert; #endif ret = X509_OK; end_cert: if (len) { *len = cert_size; } if (ret) { #ifdef CONFIG_SSL_FULL_MODE printf("Error: Invalid X509 ASN.1 file (%s)\n", x509_display_error(ret)); #endif x509_free(x509_ctx); *ctx = NULL; } return ret; }
//MD2 hash function bool __fastcall MD2_Hash( FILE *Input) { //Parameters check if (HashFamilyID != HASH_ID_MD2 || Input == nullptr) { fwprintf_s(stderr, L"Parameters error.\n"); return false; } //Initialization std::shared_ptr<char> Buffer(new char[FILE_BUFFER_SIZE]()), StringBuffer(new char[FILE_BUFFER_SIZE]()); memset(Buffer.get(), 0, FILE_BUFFER_SIZE); memset(StringBuffer.get(), 0, FILE_BUFFER_SIZE); MD2_CTX HashInstance; memset(&HashInstance, 0, sizeof(MD2_CTX)); size_t ReadLength = 0; //MD2 initialization MD2_Init(&HashInstance); //Hash process while (!feof(Input)) { memset(Buffer.get(), 0, FILE_BUFFER_SIZE); _set_errno(0); ReadLength = fread_s(Buffer.get(), FILE_BUFFER_SIZE, sizeof(char), FILE_BUFFER_SIZE, Input); if (ReadLength == 0) { fwprintf_s(stderr, L"Hash process error"); if (errno > 0) fwprintf_s(stderr, L", error code is %d.\n", errno); else fwprintf_s(stderr, L".\n"); return false; } else { MD2_Update(&HashInstance, (uint8_t *)Buffer.get(), (uint32_t)ReadLength); } } //Binary to hex memset(Buffer.get(), 0, FILE_BUFFER_SIZE); MD2_Final(&HashInstance, (uint8_t *)Buffer.get()); if (sodium_bin2hex(StringBuffer.get(), FILE_BUFFER_SIZE, (const unsigned char *)Buffer.get(), MD2_DIGEST_SIZE) == nullptr) { fwprintf_s(stderr, L"Convert binary to hex error.\n"); return false; } else { //Print to screen. std::string HashResult = StringBuffer.get(); CaseConvert(true, HashResult); for (size_t Index = 0;Index < HashResult.length();++Index) fwprintf_s(stderr, L"%c", HashResult.c_str()[Index]); fwprintf_s(stderr, L"\n"); } return true; }
RTDECL(void) RTMd2Final(PRTMD2CONTEXT pCtx, uint8_t pabDigest[RTMD2_HASH_SIZE]) { MD2_Final((unsigned char *)&pabDigest[0], &pCtx->Private); }